annotate mod_audit_user_accounts/mod_audit_user_accounts.lua @ 5750:c89077b4f46e

mod_audit_tokens: Record events fired by mod_tokenauth in audit log
author Kim Alvefur <zash@zash.se>
date Fri, 01 Dec 2023 21:32:33 +0100
parents 628952e4ff47
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4933
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
1 module:depends("audit");
4934
08dea42a302a mod_audit*: fix luacheck warnings
Jonas Schäfer <jonas@wielicki.name>
parents: 4933
diff changeset
2 -- luacheck: read globals module.audit
4933
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
3
5744
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
4 local dt = require "util.datetime";
5713
dde83f6043e6 mod_audit_register: Include hostpart with audit events here too
Kim Alvefur <zash@zash.se>
parents: 4934
diff changeset
5 local jid = require "util.jid";
4933
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
6 local st = require "util.stanza";
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
7
5744
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
8 local function audit_basic_event(name, custom_handler)
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
9 module:hook(name, function (event)
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
10 local custom;
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
11 if custom_handler then
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
12 custom = custom_handler(event);
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
13 end
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
14 module:audit(jid.join(event.username, module.host), name, {
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
15 session = event.session;
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
16 custom = custom;
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
17 });
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
18 end);
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
19 end
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
20
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
21 audit_basic_event("user-registered", function (event)
4933
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
22 local invite = event.validated_invite or (event.session and event.session.validated_invite);
5744
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
23 if not invite then return; end
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
24 return {
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
25 st.stanza(
4933
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
26 "invite-used",
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
27 {
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
28 xmlns = "xmpp:prosody.im/audit",
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
29 token = invite.token,
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
30 }
5744
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
31 );
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
32 };
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
33 end);
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
34
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
35 audit_basic_event("user-deregistered-pending");
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
36 audit_basic_event("user-deregistered");
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
37
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
38 audit_basic_event("user-enabled");
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
39 audit_basic_event("user-disabled", function (event)
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
40 local meta = event.meta;
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
41 if not meta then return end
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
42
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
43 local meta_st = st.stanza("disabled", {
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
44 xmlns = "xmpp:prosody.im/audit";
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
45 reason = meta.reason;
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
46 when = meta.when and dt.datetime(meta.when) or nil;
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
47 });
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
48 if meta.comment then
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
49 meta_st:text_tag("comment", meta.comment);
4933
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
50 end
5744
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
51
b4607c5dfcac mod_audit_register: Support for deregister and enable/disable events
Matthew Wild <mwild1@gmail.com>
parents: 5713
diff changeset
52 return { meta_st };
4933
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
53 end);